const express = require('express');
const router = express.Router();
const companyController = require('../controllers/company.controller');
const { authenticate, authorize } = require('../middleware/auth');

// 公开路由
router.get('/:id', companyController.getCompanyById);
router.get('/:id/jobs', companyController.getCompanyJobs);

// 受保护路由
router.use(authenticate);

// 公司用户路由
router.get('/my-company', companyController.getMyCompany);
router.post('/', companyController.createCompany);
router.put('/:id', companyController.updateCompany);
router.delete('/:id', companyController.deleteCompany);

// 管理员路由
router.get('/', authorize('admin'), companyController.getAllCompanies);
router.patch('/:id/approve', authorize('admin'), companyController.approveCompany);

module.exports = router;